I write and speak about technology's impact on business and life in books, for Forbes and occasionally for business. I'm author of five books including Age of Context and Naked Conversations and am currently researching a book with the working title of The We Economy: How Technology Gives Everyone a Better Shot. Pitch me by email: ShelIsrael1@gmail.com.

The Great Facebook Employee Password Non-issue

It must have been a slow news week. Much attention was given to a series of news items related to employers requiring applicants and employees to turn over their Facebook username and passwords to them. On first look, it seemed to be an outrageous privacy incursion, but on closer examination it turns out there have been very few reported instances of privacy abuse and none of them seem to have happened very recently.

But a string of news announcements in rapid succession made it seem like there was a rising tsunami of abuse headed toward Facebook users looking for jobs.

Here’s the recap:

On March 20, Fox News reported that a few government agencies were requiring employees and applicants to turn over Facebook username and password information. Of some interest, was that none of the cases occurred recently. Stillo me to be some cause for concern and I started watching.

On March 21, NPR broadcasted and posted a story under the banner, “Resume, Cover Letter and your Facebook Password,” The website intro stated, “At your next job interview you might need to hand in more than a resume and references. More employers are requiring applicants to submit their Facebook password as part of the application process. States like Illinois and Maryland are enacting legislation to ban the practice. Robert Siegel talks with Robert Collins, who had to hand over his Facebook user name and password when applying for a job with the Maryland Department.” of Public Safety and Correctional Services. In the interview, Collins described his disturbing experience when applying for an officer’s position with the Maryland Department of Public Safety. During a job interview an HR person requested Collins’ Facebook username and password saying it was being done to verify that Collins, a former state trooper, applying to once again be a state trooper was not affiliated with any gangs. Collins told Siegel in the interview that he had felt shocked and violated at the time and rightfully so.

But the incident occurred in 2010. There is little reason to assume that because this happened to an applicant for a police officer job in 2010, your application to become whatever you aspire to become in 2012 is somehow associated with this event or that the likelihood is increasing. In fact, the ACLU is suing Maryland on Collins’ behalf and the department has dropped the requirement–although it still requests voluntary access. Siegel never returned to the lead of the piece that claimed more companies were demanding passwords, when in fact there seem to be no reported instances of this sort of abuse in over a year, and I can’t seem to find a single case of such abuse ever being recorded in the private sector.

As a public broadcast admirer, I found NPR’s handling to be an embarrassing follow-on to Ira Glass’s painful apology for not fact-checking Mike Daisey’s deceitful “documentary” on the Apple Foxconn controversy.

At this point, the story gained traction. Every comment I saw opposed the practice. People vowed to refuse, quit or sue if their current or future employer asked for online password information.

On Friday, Mar 23 Erin Egan, Facebook’s chief privacy officer, policy, posted a carefully worded blog under the headline: “Protecting Your Passwords and Your Privacy.” The penultimate paragraph stated, in part, “Facebook takes your privacy seriously. We’ll take action to protect the privacy and security of our users, whether by engaging policymakers or, where appropriate, by initiating legal action, including by shutting down applications that abuse their privileges.” This ignited a larger fire than the first with media online and offline reporting that Facebook would sue employers. HOWEVER, yesterday the company executed yet another of its legendary pivots on privacy issues and announced, maybe it wouldn’t sue after all. But it’s Facebook and the issue is privacy, so maybe it will decide to sue again tomorrow morning.

On Twitter, someone demanded to know why Google had remained silent and where they giving over their user information to employers. Well, it was employees not online companies hearing the ‘requests,’ and Google really had nothing to do with the story. What scared me was that employers might figure out how much more they could learn by seeing what their employees were searching.

There are so many legs to this story, following it is like watching a centipede on a hot tin roof trying to dance.

First off, as Heddi Cundle, CEO of myTab Inc., a San Francisco-based startup put it, “the idea of requiring people to turn over the username and password is pretty much like they require you to turn over your housekey so that an employer can make sure you have nothing illegal going on inside the privacy of your own home.

Enough is enough.

While discussing the issue on Facebook, Joel Postman, a social pr consultant and author observed, “We already give employers our social security number, our driver’s license or passport number, our address, and phone. If we sign up for direct deposit they get our checking account number and ABA routing number. Companies are tracking every keystroke and every IP address you visit while at work.” Some employees even have to submit bodily fluids for drug testing.

If this sort of practice pushes forward, it will become a most volatile ignition point. There has to be a limit to unreasonable search and seizure and this one would be a wonderful candidate because almost no elected official would be boneheaded enough to support the employer in this case.

But there is real question as to how widespread such practice really are. The number of cases reported so far appear to have three aspects in common: 1. They involve government positions, most of them public safety jobs. This does not justify the privacy invasion, but may explain overreaction by employers who really do need to worry about security. 2. All incident being reported are more than a year old. 3. As far as I could find, there is not a single report of passwords being demanded by private sector companies.

In short, these incidents should never have happend, but there is just no evidence that the practice is spreading.

I often use Twitter and Facebook to crowd source my writing. I asserted some effort for several hours today to see if I could find more stories then the minuscule and aging anecdotes that were reported by Fox and NPR.

Only one new one came up, reported by Gina Kay Landis, who told me she had pored through 53 Google Search pages and found only one new case. It involved the City of Bozeman, Montana who required Facebook and, of all sites, MySpace, indicating the practice had started in earlier times. She also found a CNN report saying it was suspended in 2009.

Of all the online issues I think you should worry about, my advice is to lose no sleep on this one. If such a practice is being tried, it is not widespread and it is unlikely that it will become widespread based on available information. Plus any company that tried to do this to you is a place where you should avoid working.

Post Your Comment

Post Your Reply

Forbes writers have the ability to call out member comments they find particularly interesting. Called-out comments are highlighted across the Forbes network. You'll be notified if your comment is called out.

Mr X gives the finger to big brother and waves it around to make sure he sees it.

Folks, I tell you what. Remember all those sci-fi movies and religious nuts talking about the government putting a chip under your skin? As long as you give up information freely, there’s no need to for that. You’re going to be your own undoing long before we get to that point.

When a company hires you, they hire you for your talent and skills. What you do on your own time is quite frankly non of their business. You may argue to the contrary, but fact of the matter is if you don’t fight against this invasion of your personal space, you’re not going to have any. Okay?

Your have constitutional rights that people fought and died for in regards to expressing yourself. You gonna trade that away for a paycheck?

However long you allow this invasion of privacy to go on is how long it will…

“Of all the urgent thing that US Senators could bring to the attention of the Justice Department on a Sunday afternoon, this seems to me to have been a very lame selection”

Yes and no. Because you have the lemming effect with employers who will read about sorting through people’s Facebook accounts, think it’s a great idea and attempt to put it into practice until they are told they can’t. Unfortunately this publicly was a double edged sword. While it brought the practice to light and probably got legislation started, it probably also gave the idea to several unscrupulous HR people.

Gee, I guess the simplest thing to do is to not have a Facebook account. Or Twitter. Or Whatever.com. Or any of the “social media” time-wasters. Honestly, how many people actually have the time to mess around with this junk. For the record – nope, no Facebook for me. No Twitter. No Whatever.com. You spend your time on social media – I’ll spend mine on life. (And no, that doesn’t explain what I’m doing here. Hey, a little inconsistency is a good thing :-).

If this is an example of the writing skills of Forbes authors, I’d like to apply for a job. There’s so many typos, wrong verb case and mangled phrases I could do the job and not need to proofread my work.

Simply because it occurred a few years ago does not make this a non-issue. It highlights a much more broad debate on how technology should and should not be used in our civil society. The ethical questions are very important and the debate needs to occur. Dismissing this is foolish.

I guess you couldn’t be bothered to do *your* research either! Have a look at this article, which was one of the primary ones that started it all this week, & much of your argument falls apart. http://www.usatoday.com/tech/news/story/2012-03-20/job-applicants-facebook/53665606/1

Then again, why would I expect someone who apparently doesn’t bother to spell check or proof his work before publishing it to actually spend time researching his subject??